There have been several field test issues reported in 3rd Generation Partnership Project (3GPP) Long Term Evolution (LTE) network coverage, where a wireless communication device (known as user equipment (UE)) fails a security mode procedure and incorrectly interprets messages subsequently sent by the network.
In 3rd Generation Partnership Project (3GPP) Long Term Evolution (LTE) networks, when the UE is in a connected state, the network can initiate a security mode procedure to activate Access Stratum (AS) security. AS security provides integrity protection for Radio Resource Control (RRC) signaling and provides ciphering of RRC signaling (SRB) and user data (DRB). 3GPP TS 33.401 V9.7.0 states as follows:
RRC downlink ciphering (encryption) at the eNB shall start after sending the AS security mode command message. RRC uplink deciphering (decryption) at the eNB shall start after receiving and successful verification of the AS security mode complete message. RRC uplink ciphering (encryption) at the UE shall start after sending the AS security mode complete message. RRC downlink deciphering (decryption) at the UE shall start after receiving and successful verification of the AS security mode command message.
If the security mode procedure is activated successfully in the UE in response to a security mode command message, the UE normally decodes subsequent messages sent by the network as ciphered messages and starts ciphering messages to be sent to the network. If the security mode procedure is not activated in the UE in response to a security mode command message, the UE can receive ciphered blocks but the UE will interpret the blocks as un-ciphered. For example, if the security mode is not activated in the UE in response to a security mode command message sent by the network, when the UE receives a ciphered message from the network, the UE may wrongly interpret it as another message and may then perform operations which are not consistent with the initial message sent by the network. In such a case, the network and the UE would be unsynchronized.
3GPP TS 36.331 V9.10.0 entitled Evolved Universal Terrestrial Radio Access (E-UTRA); Radio Resource Control (RRC); Protocol specification describes AS and Non-Access Stratum (NAS) security mode procedures.
U.S. Publication No. 2009/0025060 A1 entitled “Method and Apparatus to Implement Security in a LTE Wireless Device” describes a method for implementing security in a LTE wireless device (UE), comprising receiving a Non-Stratum Access (NAS) message, e.g. a Packet Data Convergence Protocol (PDCP) PDU, which includes security parameters, determining whether the security parameters are correct, and performing a security procedure based on the determination. In the U.S. Publication No. 2009/0025060, if the security parameters are not correct, the UE may disregard or drop the message, report a failure to another protocol layer, initiate re-authentication.
The various aspects, features and advantages of the invention will become more fully apparent to those having ordinary skill in the art upon careful consideration of the following Detailed Description thereof with the accompanying drawings described below. The drawings may have been simplified for clarity and are not necessarily drawn to scale.